Monitoring P2P Networks

Abstract -- We reverse engineer copyright enforcement in the popular BitTorrent file sharing network and find that a common approach for identifying infringing users is not conclusive. We describe simple techniques for implicating arbitrary network endpoints in illegal content sharing and demonstrate the effectiveness of these techniques experimentally, attracting real DMCA complaints for nonsense devices, e.g., IP printers and a wireless access point. We then step back and evaluate the challenges and possible future directions for pervasive monitoring in P2P file sharing networks.

But in that case, you're actually handling the traffic being complained about. What they did is more like claiming to be sharing a file whose name matches that of a popular song (though its contents are something different) and getting a takedown notice from the song's publisher.

In the case of tor, it wouldn't matter. You would not be liable so long as you weren't aware of it at the time. You are functioning as a common carrier/service provider. Running a TOR node actually helps you (If you allow people to exit through your node) because it brings plausible deniability to EVERYTHING you do online since there is NO WAY to prove you did it or a TOR user.

All depends on the jurisdiction you are in. In the Netherlands neither gives you plausible deniability: you are responsible for what runs through your system unless you can show who 'misused' it, simple as that.
That being said, the enforcement is not even near tackling this.

Ladies and Gentlemen commenters - you are embarking on a road not taken by RIAA. Their hunters are using a "shotgun principle" - even if it smells like an infringement (and computers don't smell) just send a cease and desist order. I used to be an administrator of a web server where a user published his own music, fully owning the copyright. Simply because the song was named "jazz no7", I got the cease and desist order, and it was jazz number with elements of ethnic music. They didn't even have the sense to play the freely downloadable song before listing it as infringement!

@eric:
He's not offering legal advice - that's something lawyers do and they typically charge for it. He's just voicing his beliefs on the matter, just like people normally do on blogs, so he shouldn't include any disclaimers - on the contrary, anybody reading it should be intelligent enough to know that it's a comment on a blog and nothing. If you're too stupid to see that, you deserve what you get for taking something like this at face-value.

Just to underline that point, consider the following statement in court:
"But, your honor, I read on a blog somewhere that running Tor means you don't get into trouble for what other people do using your connection. You cannot possibly think of finding me guilty."

So please, stop asking others to include disclaimers, start educating the stupid.

The waste number of false positives shows that the tests are too inconclusive, and the number of ways to produce even more false positives such as described in the article shows that the value of the evidence derived from it is close to non-existing.

I see two reactions from this if I was to be put in the spotlight from this kind of activity:
1) MPAA or other enforcing agencies to produce evidence of actual copyright infridgement. This includes identification of end user hardware
2) Counter-sue MPAA or other enforcing agencies for false accusations.

1. trojaned system
2. keylogger
3. acoustic monitoring
4. other video/audio bug
5. tempest van [eck]
6. the "friend" who is really an informer (old friend from school long ago suddenly come back from the blue to see you and is REALLY interested in being your friend again?), the cute woman who struck up a conversation with you out of the blue and now she's interwoven in your life
7. etc

Its like drug testing, the screening tests are about 70 percent accurate so they say. you can get fired for failing a screening test, poppy seeds on a bagel will do it. Mythbusters did a show on it.
the money is in selling the inaccurate tests. the lawyers for Riaa are just making money, pay no attention to their bombast.

This sounds very much like the debate over red-light cameras. (Red-light cameras are controversial in the US because they must violate either the constitutional principle that you are innocent until proven guilty, or the standard principle that a driver is the only one responsible for his behavior. In states that have RLCs, police (or private RLC operators) send a ticket to the car owner; then the law either holds him responsible no matter who was driving, or requires him to report the identity of the driver.)

Both RLCs and file-sharing are types of cases where the only easy method of enforcing the law (maybe even the only practical method) requires these "end runs" around the presumption of innocence. My take on both is that that principle must be upheld at all costs, so both the traffic cops and MPAA/RIAA can go **** up a rope, at least until they find new enforcement methods consistent with the presumption of innocence.

You can write a trojan and "infect" your system, the trojan will open a port and wait for commands, and can do anything with your system. But before gaining access the "user" must identify himself by a password.

char* hash = "somerandomhash";

if (hash == hash_it(given_password))
{
// give access
}

Since nobody can pass the control, your system is secure, but nobody can prove that there is no "somebody" there who knows the password and did the bad thing.

"How do the postal service, cab drivers, and auto rentals not get hit with this all the time then?"

That is what the "common carrier" principle is about. In the case of communications and transportation companies it is a primary service they "offer to all without prejudice" that is considered to be "for the common good" not for illegal purposes. As this "service to all" principle entailes responsability to those you offer the service to in most countries this requires the service provider to be licenced by an appropriate authority to ensure they are competent to offer the service.

Where as a service provider you are allowed to "show prejudice" then your liability starts. As you are alowed to refuse to supply the service without accountability, therfore it is assumed that you will be able to recognise suspicious activity and decline to supply the service.

The other end of the scale is where you are "aiding and abetting" in that a "reasonable person" would know that what they where doing was assisting a crime (think money laundering, receiving stolen goods etc).

The problem is if you are accused then you will have to (if you are lucky) convince a jury of your peers that the service you where offering was primarily for the common good.

If you are unluky you will have to convice a biased ajudicator (judge/magistrate/sherif) who in turn is influenced by "the supposadly great and the good" (a public authority or Government Department) who "are supposed to take a disinterested view" (but frequently have political agenders), then in that case "may your god help you" because nobody else will...

I have a open node, because my flatmate can't use windows and can't log in when there is a password. There are about 4 open nodes that are clearly meant to be open in my area. Most cafes provide *open* (not just free) wireless nodes.

about 5 people regularly use my network and I really don't have a problem with it. I can't see that liability will be worse that being nice to the criminal neibour. If you can't know, you don't just assume all are breaking the law....

Has there been any legal cases of this in court? In Germany? in Austria?

@Clive Robinson
Is the common carrier something that is in Europe as well , legally I mean.

@rip
Getting science "facts" from Myth Busters is like getting legal advice from a blog.

"Is the common carrier something that is in Europe as well , legally I mean"

The concept of "common carrier" and the legislation to enforce it is in the U.K. and although I cannot speak for all areas of Europe in the EEU/EEA it would appear to be so as well. This is due to the number of EU Directives attempting to get uniformaty of legislation in the TeleComms market.

Briefly ;) the EC/EU Directives get their "authority" through the EC/EU Treaty (of Rome/Lisbon/where ever it was last updated) simply refered to as "The Treaty". Due to the Status of "The Treaty" (ie it trumps National legislation) the "agreed text" of all Directives has to be brought into "Member State" national legislation to a timetable set out in the Directive. In the case of the U.K. this is usually by Statutory Instrument.

One of the first articles of "The Treaty" is about the liberalisation of the "Common Market" (see "The Treaty" text, which can be found via the EU web server "europa.eu").

One significant "Market Area" that has been seen by "The Council" and "The Parlment" of Europe as being in need of uniform legislation is electrical and electronic products and the services (telecommunications) they provide. This market segment was the one that is seen as having most national legaslitive impediments to the goal of "free trade" in the "Common Market".

To that end the RTTE Directive was approved back at the turn of the last century and the legislation had to be implemented in 2000. One interesting area within it was the "right to connect" "Telecommunications Terminal Equipment" which effectivly removed a significant impediment to the rapidly developing telecommunications market and in turn opened this previously Nationaly highly restricted and regulated market to international competition.

In the U.K. This was via the RT&TTE legislation (S.I. 2000:730) and two subsiquent amendments in 2003. The amendments clearly show how the U.K. Has put all of it's "Regulatory Authority" in this area into the hands of a semi independent organisation OfCom that effectivly makes it judge jury arbiter and police in this area. And the U.K. Gov has given OfCom unprecidented powers that are seen with envy by just about all other U.K. Gov organisations. However even with those powers they are seen to significantly fail in their statutory duties and this has given rise to Political problems for them. Obviously the "extrodinary powers" has given OfCom the ability to abuse their position as they see fit with little "let or hinderance" to remove the Political problems via extreamly questionable means...